From: Laurent Vivier
Subject: Re: [Qemu-devel] [PATCH for 2.10 v2 14/20] syscall: check inotify() and eventfd() return value
Date: Thu, 27 Jul 2017 08:39:21 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

On 27/07/2017 at 04:42, Philippe Mathieu-Daudé wrote:
> linux-user/syscall.c:555:25: warning: Out of bound memory access (accessed
> memory precedes memory block)
> target_fd_trans[fd] = trans;
> ~~~~~~~~~~~~~~~~~~~~^~~~~~~
>
> Reported-by: Clang Static Analyzer
> Suggested-by: Laurent Vivier <address@hidden>
> Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
> ---
> linux-user/syscall.c | 16 ++++++++++++----
> 1 file changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 81f52f7483..dfc1301e63 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -11742,7 +11742,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> #if defined(TARGET_NR_inotify_init) && defined(__NR_inotify_init)
> case TARGET_NR_inotify_init:
> ret = get_errno(sys_inotify_init());
> - fd_trans_register(ret, &target_inotify_trans);
> + if (ret >= 0) {
> + fd_trans_register(ret, &target_inotify_trans);
> + }
> break;
> #endif
> #ifdef CONFIG_INOTIFY1
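Review bot: The `if (ret >= 0)` guard added in the TARGET_NR_inotify_init case is repeated verbatim at all four call sites in this patch, while the analyzer warning quoted in the commit message points at the store `target_fd_trans[fd] = trans;` inside the callee. Consider rejecting a negative fd inside fd_trans_register() itself (or asserting fd >= 0 there), so that a caller that forgets the check cannot write before the start of the table.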
> @@ -11750,7 +11752,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> case TARGET_NR_inotify_init1:
> ret = get_errno(sys_inotify_init1(target_to_host_bitmask(arg1,
> fcntl_flags_tbl)));
> - fd_trans_register(ret, &target_inotify_trans);
> + if (ret >= 0) {
> + fd_trans_register(ret, &target_inotify_trans);
> + }
> break;
> #endif
> #endif
> @@ -11916,7 +11920,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> #if defined(TARGET_NR_eventfd)
> case TARGET_NR_eventfd:
> ret = get_errno(eventfd(arg1, 0));
> - fd_trans_register(ret, &target_eventfd_trans);
> + if (ret >= 0) {
> + fd_trans_register(ret, &target_eventfd_trans);
> + }
> break;
> #endif
> #if defined(TARGET_NR_eventfd2)
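Review bot: For the TARGET_NR_eventfd case, the commit message carries only the analyzer output and never says why `ret` can be negative at this point. One sentence stating that get_errno() returns a negative errno when the host call fails, and that this value was being passed on as the fd index, would make the fix understandable without opening syscall.c.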
> @@ -11930,7 +11936,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> host_flags |= O_CLOEXEC;
> }
> ret = get_errno(eventfd(arg1, host_flags));
> - fd_trans_register(ret, &target_eventfd_trans);
> + if (ret >= 0) {
> + fd_trans_register(ret, &target_eventfd_trans);
> + }
> break;
> }
> #endif
>
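Review bot: With the TARGET_NR_eventfd2 guard in place, the diffstat shows four call sites changed, all for inotify and eventfd, but nothing in the patch or the commit message says whether other callers of fd_trans_register() in linux-user/syscall.c were checked for the same pattern. Please state that in the commit message, or extend the patch if any unguarded callers remain.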